<?php
//=======================================
//###################################
// Kayako Web Solutions
//
// Source Copyright 2001-2004 Kayako Web Solutions
// Unauthorized reproduction is not allowed
// License Number: $%LICENSE%$
// $Author: vshoor $ ($Date: 2006/04/11 20:58:15 $)
// $RCSfile: staff_messages.php,v $ : $Revision: 1.5 $ 
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
//
//###################################
//=======================================

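// Direct-access guard: this file is meant to be included by the application,
// which is expected to define INSWIFT before loading it.
if (!defined("INSWIFT")) {
	// Name the script by its own file name instead of $PHP_SELF. That variable
	// only exists with register_globals and is derived from the request URL,
	// so it should not be copied into an error message.
	trigger_error("Unable to process ". basename(__FILE__), E_USER_ERROR);

	// Fail closed: if a custom error handler is installed and returns,
	// trigger_error() alone does not stop the script.
	exit;
}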

// Staff accounts whose "ls_entab" flag is "0" get the localized no-permission
// notice and nothing else from this module.
// NOTE(review): only the literal "0" denies access; an unset flag compares
// unequal and is let through - confirm that default-allow is intended.
if ($_SWIFT["staff"]["ls_entab"] == "0") {
	exit('<font face="Verdana, Arial, Helvetica" size="2" color="red"><b>'. $_SWIFT["language"]["nopermission"] .'</b></font>');
}

require_once ("./modules/livesupport/functions_messages.php");
require_once ("./includes/functions_html.php");

// Grid instance used by the two list views further down.
$grid = new Grid;

// Quick links registered for every action of this module:
// the new-message list and the replied-message list.
$interface->assignQuickLink(
	$_SWIFT["language"]["newmessages"],
	"index.php?_m=livesupport&_a=messages",
	"icon_msgsmallyellow.gif"
);
$interface->assignQuickLink(
	$_SWIFT["language"]["repliedmessages"],
	"index.php?_m=livesupport&_a=repliedmessages",
	"icon_msgsmallgray.gif"
);

/**
* ###############################################
* New Messages
* ###############################################
*/
if ($eventaction == "messages")
{
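	// Single-message delete, requested as ?do=delete&messageid=N.
	if ($_GET["do"] == "delete" && trim($_GET["messageid"]) != "")
	{
		// Pass the id through the same permission filter that the reply and
		// details views use, so a message is only deleted when the filter lets
		// its id through. checkStaffMessagePermission() is not defined in this
		// file; it is assumed to return the permitted ids as a list, which is
		// how the reply view consumes it. If deleteMessages() already performs
		// this check the extra call is redundant but harmless.
		$_deleteidlist = checkStaffMessagePermission(array($_GET["messageid"]));

		if (!empty($_deleteidlist[0]))
		{
			// NOTE(review): the subject is presumably client-supplied; confirm
			// that getMessageSubject() or printInfoBox() HTML-escapes it.
			$infomessage = sprintf($_SWIFT["language"]["messagedeleteconfirm"], getMessageSubject($_deleteidlist[0]));

			deleteMessages(array($_deleteidlist[0]));
		}

		// NOTE(review): this is a state change on a plain GET link and no
		// request token is visible here; consider POST plus a per-session token.
	}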

	// The reply action redirects back here with ?clientemail=...; show the
	// "replied" confirmation with the address HTML-escaped.
	// NOTE(review): the notice is shown for any request carrying clientemail,
	// whether or not a reply was actually sent.
	if ("" != trim($_REQUEST["clientemail"]))
	{
		$infomessage = sprintf(
			$_SWIFT["language"]["confirmmessagereplied"],
			htmlspecialchars($_REQUEST["clientemail"])
		);
	}

	// Collect the ids of every department this staff member can see: those
	// assigned to the staff id directly, plus those assigned to the staff group.
	// Both session values go through $dbCore->escape() and are quoted in the query.
	// When the "groupassigns" flag is not "1" the group id is replaced by "0".
	$departmentidlist = array();
	$_staffgroupid = $dbCore->escape($_SWIFT["staff"]["staffgroupid"]);
	$dbCore->query("SELECT departments.departmentid FROM `". TABLE_PREFIX ."departments` AS departments LEFT JOIN `". TABLE_PREFIX ."staffassigns` AS staffassigns ON (staffassigns.departmentid = departments.departmentid) LEFT JOIN `". TABLE_PREFIX ."groupassigns` AS groupassigns ON (groupassigns.departmentid = departments.departmentid) WHERE staffassigns.staffid = '". $dbCore->escape($_SWIFT["staff"]["staffid"]) ."' OR groupassigns.staffgroupid = '". iif($_SWIFT["staff"]["groupassigns"]=="1",$_staffgroupid, "0") ."';");
	// The joins can return the same department more than once; ids are appended as they come.
	while ($dbCore->nextRecord())
	{
		$departmentidlist[] = $dbCore->Record["departmentid"];
	}

	// Page header and breadcrumb for the new-message list.
	$interface->staffHeader($_SWIFT["language"]["messages"], 3);

	$interface->staffNavBar('<a href="index.php?_m=livesupport&_a=messages" title="'.$_SWIFT["language"]["messages"].'">'.$_SWIFT["language"]["messages"]."</a>", "", 3);

	// $infomessage is only set on some paths above and $errormessage is never
	// set in this branch.
	// NOTE(review): neither variable is initialised in this file; confirm they
	// are reset before this module is included.
	printInfoBox($infomessage);
	printErrorBox($errormessage);

	// Grid options: 10 rows per page, sorted by creation time, oldest first.
	$options["recordsperpage"] = "10";
	$options["sortby"] = "messages.dateline";
	$options["sortorder"] = "asc";

	// Mass actions are registered by callback name; the callbacks are not
	// defined in this file.
	// NOTE(review): confirm both callbacks run the selected ids through the
	// staff permission filter before changing anything.
	$options["massaction"][0]["title"] = $_SWIFT["language"]["markasreplied"];
	$options["massaction"][0]["callback"] = "_maMarkRepliedMessage";
	$options["massaction"][1]["title"] = $_SWIFT["language"]["delete"];
	$options["massaction"][1]["callback"] = "_maDeleteMessage";

	$options["idname"] = "messageid";
	$options["quicksearch"] = true;

	// Advanced-search query templates (subject, full name, email, contents).
	// The strings are single-quoted, so $_searchstr and $_sortjoin stay literal
	// placeholders here; presumably Grid substitutes them later.
	// NOTE(review): the search term ends up inside a quoted LIKE pattern, so
	// Grid must SQL-escape it before substitution - confirm in the Grid class.
	// Every template is restricted to the departments collected above and to
	// messages with status MESSAGE_NEW.
	$options["advancedsearch"][0]["title"] = $_SWIFT["language"]["subject"];
	$options["advancedsearch"][0]["query"] = 'SELECT * FROM `'. TABLE_PREFIX .'messages` AS messages WHERE messages.subject LIKE \'%$_searchstr%\' AND messages.departmentid IN ('. buildIN($departmentidlist) .') AND messages.messagestatus = \''. MESSAGE_NEW .'\' $_sortjoin;';
	$options["advancedsearch"][1]["title"] = $_SWIFT["language"]["fullname"];
	$options["advancedsearch"][1]["query"] = 'SELECT * FROM `'. TABLE_PREFIX .'messages` AS messages WHERE messages.fullname LIKE \'%$_searchstr%\' AND messages.departmentid IN ('. buildIN($departmentidlist) .') AND messages.messagestatus = \''. MESSAGE_NEW .'\' $_sortjoin;';
	$options["advancedsearch"][2]["title"] = $_SWIFT["language"]["email"];
	$options["advancedsearch"][2]["query"] = 'SELECT * FROM `'. TABLE_PREFIX .'messages` AS messages WHERE messages.email LIKE \'%$_searchstr%\' AND messages.departmentid IN ('. buildIN($departmentidlist) .') AND messages.messagestatus = \''. MESSAGE_NEW .'\' $_sortjoin;';
	$options["advancedsearch"][3]["title"] = $_SWIFT["language"]["contents"];
	$options["advancedsearch"][3]["query"] = 'SELECT * FROM `'. TABLE_PREFIX .'messages` AS messages LEFT JOIN `'. TABLE_PREFIX .'messagedata` AS messagedata ON (messages.messageid = messagedata.messageid) WHERE messagedata.contents LIKE \'%$_searchstr%\' AND messages.departmentid IN ('. buildIN($departmentidlist) .') AND messages.messagestatus = \''. MESSAGE_NEW .'\' $_sortjoin;';

	// Row callback, given by name; it is not defined in this file.
	$options["callback"] = "_messageFields";

	// Column definitions: subject, sender name, creation time, and a custom
	// "options" column.
	$fields[0]["name"] = "messages.subject";
	$fields[0]["title"] = $_SWIFT["language"]["subject"];
	$fields[0]["width"] = "";

	$fields[1]["name"] = "messages.fullname";
	$fields[1]["title"] = $_SWIFT["language"]["fullname"];
	$fields[1]["width"] = "120";
	$fields[1]["align"] = "center";

	$fields[2]["name"] = "messages.dateline";
	$fields[2]["title"] = $_SWIFT["language"]["createdon"];
	$fields[2]["width"] = "160";
	$fields[2]["align"] = "center";

	$fields[3]["type"] = "custom";
	$fields[3]["name"] = "options";
	$fields[3]["title"] = $_SWIFT["language"]["options"];
	$fields[3]["width"] = "150";
	$fields[3]["align"] = "center";

	// Hand Grid the list query, the count query and the quick-search query,
	// all limited to the staff member's departments and MESSAGE_NEW status.
	// $_searchstr / $_sortjoin are literal placeholders (single-quoted strings).
	// NOTE(review): confirm how buildIN() renders an empty department list, and
	// that Grid escapes the search term before filling the LIKE pattern.
	$grid->start("messages", $_SWIFT["language"]["newmessagelist"], 'SELECT * FROM `'. TABLE_PREFIX .'messages` AS messages WHERE messages.departmentid IN ('. buildIN($departmentidlist) .') AND messages.messagestatus = \''. MESSAGE_NEW .'\' $_sortjoin;', 'SELECT COUNT(*) AS totalitems FROM `'. TABLE_PREFIX .'messages`AS messages WHERE messages.departmentid IN ('. buildIN($departmentidlist) .') AND messages.messagestatus = \''. MESSAGE_NEW .'\';', 'SELECT * FROM `'. TABLE_PREFIX .'messages` AS messages WHERE messages.subject LIKE \'%$_searchstr%\' AND messages.departmentid IN ('. buildIN($departmentidlist) .') AND messages.messagestatus = \''. MESSAGE_NEW .'\' $_sortjoin;', $fields, $options);
	$grid->display("messages");
	
	$interface->staffFooter();



/**
* ###############################################
* Replied Messages
* ###############################################
*/
} else if ($eventaction == "repliedmessages") {
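	// Single-message delete, requested as ?do=delete&messageid=N.
	if ($_GET["do"] == "delete" && trim($_GET["messageid"]) != "")
	{
		// Pass the id through the same permission filter that the reply and
		// details views use, so a message is only deleted when the filter lets
		// its id through. checkStaffMessagePermission() is not defined in this
		// file; it is assumed to return the permitted ids as a list, which is
		// how the reply view consumes it. If deleteMessages() already performs
		// this check the extra call is redundant but harmless.
		$_deleteidlist = checkStaffMessagePermission(array($_GET["messageid"]));

		if (!empty($_deleteidlist[0]))
		{
			// NOTE(review): the subject is presumably client-supplied; confirm
			// that getMessageSubject() or printInfoBox() HTML-escapes it.
			$infomessage = sprintf($_SWIFT["language"]["messagedeleteconfirm"], getMessageSubject($_deleteidlist[0]));

			deleteMessages(array($_deleteidlist[0]));
		}

		// NOTE(review): this is a state change on a plain GET link and no
		// request token is visible here; consider POST plus a per-session token.
	}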

	// Collect the ids of every department this staff member can see: those
	// assigned to the staff id directly, plus those assigned to the staff group.
	// Both session values go through $dbCore->escape() and are quoted in the query.
	// When the "groupassigns" flag is not "1" the group id is replaced by "0".
	$departmentidlist = array();
	$_staffgroupid = $dbCore->escape($_SWIFT["staff"]["staffgroupid"]);
	$dbCore->query("SELECT departments.departmentid FROM `". TABLE_PREFIX ."departments` AS departments LEFT JOIN `". TABLE_PREFIX ."staffassigns` AS staffassigns ON (staffassigns.departmentid = departments.departmentid) LEFT JOIN `". TABLE_PREFIX ."groupassigns` AS groupassigns ON (groupassigns.departmentid = departments.departmentid) WHERE staffassigns.staffid = '". $dbCore->escape($_SWIFT["staff"]["staffid"]) ."' OR groupassigns.staffgroupid = '". iif($_SWIFT["staff"]["groupassigns"]=="1",$_staffgroupid, "0") ."';");
	// The joins can return the same department more than once; ids are appended as they come.
	while ($dbCore->nextRecord())
	{
		$departmentidlist[] = $dbCore->Record["departmentid"];
	}


	// Page header and two-level breadcrumb (Messages > Replied).
	$interface->staffHeader($_SWIFT["language"]["repliedmessages"], 3);

	$interface->staffNavBar('<a href="index.php?_m=livesupport&_a=messages" title="'.$_SWIFT["language"]["messages"].'">'.$_SWIFT["language"]["messages"].'</a> &raquo; <a href="index.php?_m=livesupport&_a=repliedmessages" title="'.$_SWIFT["language"]["replied"].'">'.$_SWIFT["language"]["replied"]."</a>", "", 3);

	// $infomessage is only set by the delete path above and $errormessage is
	// never set in this branch.
	// NOTE(review): neither variable is initialised in this file; confirm they
	// are reset before this module is included.
	printInfoBox($infomessage);
	printErrorBox($errormessage);

	// Grid options: 10 rows per page, sorted by reply time, newest first.
	$options["recordsperpage"] = "10";
	$options["sortby"] = "messages.replydateline";
	$options["sortorder"] = "desc";

	// Only one mass action here (delete), registered by callback name; the
	// callback is not defined in this file.
	// NOTE(review): confirm the callback runs the selected ids through the
	// staff permission filter before deleting.
	$options["massaction"][0]["title"] = $_SWIFT["language"]["delete"];
	$options["massaction"][0]["callback"] = "_maDeleteMessage";

	$options["idname"] = "messageid";
	$options["quicksearch"] = true;

	// Advanced-search query templates (subject, full name, email, contents).
	// The strings are single-quoted, so $_searchstr and $_sortjoin stay literal
	// placeholders here; presumably Grid substitutes them later.
	// NOTE(review): the search term ends up inside a quoted LIKE pattern, so
	// Grid must SQL-escape it before substitution - confirm in the Grid class.
	// Every template is restricted to the departments collected above and to
	// messages with status MESSAGE_REPLIED.
	$options["advancedsearch"][0]["title"] = $_SWIFT["language"]["subject"];
	$options["advancedsearch"][0]["query"] = 'SELECT * FROM `'. TABLE_PREFIX .'messages` AS messages WHERE messages.subject LIKE \'%$_searchstr%\' AND messages.departmentid IN ('. buildIN($departmentidlist) .') AND messages.messagestatus = \''. MESSAGE_REPLIED .'\' $_sortjoin;';
	$options["advancedsearch"][1]["title"] = $_SWIFT["language"]["fullname"];
	$options["advancedsearch"][1]["query"] = 'SELECT * FROM `'. TABLE_PREFIX .'messages` AS messages WHERE messages.fullname LIKE \'%$_searchstr%\' AND messages.departmentid IN ('. buildIN($departmentidlist) .') AND messages.messagestatus = \''. MESSAGE_REPLIED .'\' $_sortjoin;';
	$options["advancedsearch"][2]["title"] = $_SWIFT["language"]["email"];
	$options["advancedsearch"][2]["query"] = 'SELECT * FROM `'. TABLE_PREFIX .'messages` AS messages WHERE messages.email LIKE \'%$_searchstr%\' AND messages.departmentid IN ('. buildIN($departmentidlist) .') AND messages.messagestatus = \''. MESSAGE_REPLIED .'\' $_sortjoin;';
	$options["advancedsearch"][3]["title"] = $_SWIFT["language"]["contents"];
	$options["advancedsearch"][3]["query"] = 'SELECT * FROM `'. TABLE_PREFIX .'messages` AS messages LEFT JOIN `'. TABLE_PREFIX .'messagedata` AS messagedata ON (messages.messageid = messagedata.messageid) WHERE messagedata.contents LIKE \'%$_searchstr%\' AND messages.departmentid IN ('. buildIN($departmentidlist) .') AND messages.messagestatus = \''. MESSAGE_REPLIED .'\' $_sortjoin;';

	// Row callback, given by name; it is not defined in this file.
	$options["callback"] = "_messageRepliedFields";

	// Column definitions: subject, sender name, creation time, replying staff,
	// reply time, and a custom "options" column.
	$fields[0]["name"] = "messages.subject";
	$fields[0]["title"] = $_SWIFT["language"]["subject"];
	$fields[0]["width"] = "";

	$fields[1]["name"] = "messages.fullname";
	$fields[1]["title"] = $_SWIFT["language"]["fullname"];
	$fields[1]["width"] = "120";
	$fields[1]["align"] = "center";

	$fields[2]["name"] = "messages.dateline";
	$fields[2]["title"] = $_SWIFT["language"]["createdon"];
	$fields[2]["width"] = "160";
	$fields[2]["align"] = "center";

	$fields[3]["name"] = "messages.staffid";
	$fields[3]["title"] = $_SWIFT["language"]["staffname"];
	$fields[3]["width"] = "120";
	$fields[3]["align"] = "center";

	$fields[4]["name"] = "messages.replydateline";
	$fields[4]["title"] = $_SWIFT["language"]["repliedon"];
	$fields[4]["width"] = "160";
	$fields[4]["align"] = "center";

	$fields[5]["type"] = "custom";
	$fields[5]["name"] = "options";
	$fields[5]["title"] = $_SWIFT["language"]["options"];
	$fields[5]["width"] = "150";
	$fields[5]["align"] = "center";

	// Hand Grid the list query, the count query and the quick-search query,
	// all limited to the staff member's departments and MESSAGE_REPLIED status.
	// $_searchstr / $_sortjoin are literal placeholders (single-quoted strings).
	// NOTE(review): confirm how buildIN() renders an empty department list, and
	// that Grid escapes the search term before filling the LIKE pattern.
	$grid->start("repliedmessages", $_SWIFT["language"]["repliedmessagelist"], 'SELECT * FROM `'. TABLE_PREFIX .'messages` AS messages WHERE messages.departmentid IN ('. buildIN($departmentidlist) .') AND messages.messagestatus = \''. MESSAGE_REPLIED .'\' $_sortjoin;', 'SELECT COUNT(*) AS totalitems FROM `'. TABLE_PREFIX .'messages`AS messages WHERE messages.departmentid IN ('. buildIN($departmentidlist) .') AND messages.messagestatus = \''. MESSAGE_REPLIED .'\';', 'SELECT * FROM `'. TABLE_PREFIX .'messages` AS messages WHERE messages.subject LIKE \'%$_searchstr%\' AND messages.departmentid IN ('. buildIN($departmentidlist) .') AND messages.messagestatus = \''. MESSAGE_REPLIED .'\' $_sortjoin;', $fields, $options);
	$grid->display("repliedmessages");
	
	$interface->staffFooter();



/**
* ###############################################
* Reply to Message
* ###############################################
*/
} else if ($eventaction == "replytomessage") {
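	// Filter the requested id through the staff permission check and keep only
	// the value it returns. checkStaffMessagePermission() is defined outside
	// this file; it is assumed to return the ids this staff member may act on.
	$messageidlist = checkStaffMessagePermission(array($_REQUEST["messageid"]));
	$_REQUEST["messageid"] = $messageidlist[0];

	// step=1 means the reply form was submitted. Only act when the permission
	// filter returned an id; otherwise fall through to the lookup below, which
	// ends with "Invalid Message".
	if ($_POST["step"] == "1" && !empty($messageidlist[0]))
	{
		if (trim($_POST["subject"]) == "" || trim($_POST["reply"]) == "")
		{
			$errormessage = $_SWIFT["language"]["requiredfieldempty"];
		} else {
			require_once ("./includes/functions_mail.php");

			// Reply against the validated id, not $_POST["messageid"]: the
			// check above read $_REQUEST, and the two superglobals are separate
			// arrays that need not hold the same value.
			// NOTE(review): subject and reply are passed on as typed; confirm
			// replyToMessage() strips line breaks from the subject before it
			// builds mail headers.
			$clientemail = replyToMessage($messageidlist[0], $_POST["subject"], $_POST["reply"]);

			// The address is HTML-escaped for the notice and URL-encoded for the link.
			printRedirect(sprintf($_SWIFT["language"]["redirect_messagereplied"], htmlspecialchars($clientemail)), "index.php?_m=livesupport&_a=messages&clientemail=".urlencode($clientemail));
			exit;
		}
	}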

	// Load the message together with its messagedata rows. The id used here is
	// the one written back to $_REQUEST after the permission check; it is
	// escaped and quoted in the query.
	$dbCore->query("SELECT * FROM `". TABLE_PREFIX ."messages` AS messages LEFT JOIN `". TABLE_PREFIX ."messagedata` AS messagedata ON (messages.messageid = messagedata.messageid) WHERE messages.messageid = '". $dbCore->escape($_REQUEST["messageid"]) ."';");
	while ($dbCore->nextRecord())
	{
		// Keep only the row holding the client's own text; other content types are skipped.
		if ($dbCore->Record["contenttype"] == CONTENT_CLIENT)
		{
			$_message = $dbCore->Record;
		}
	}
	// No client row found (unknown id, or the permission check returned nothing): stop here.
	if ($_message["messageid"] == "")
	{
		echo "Invalid Message";
		exit;
	}

	// Side-panel option: delete this message after a JavaScript confirmation.
	// NOTE(review): the id is concatenated into a JavaScript string as stored,
	// while the breadcrumb below uses intval(); confirm the column is numeric.
	// The target is the GET delete link of the message list.
	$template->assign("itemoptiontitle", $_SWIFT["language"]["messageoptions"]);
	$interface->assignItemOption($_SWIFT["language"]["deletemessage"], "", "icon_delete.gif", "", 'doConfirm(\''. $_SWIFT["language"]["actionconfirm"] .'\', \'index.php?_m=livesupport&_a=messages&do=delete&messageid='. $_message["messageid"] .'\')');

	$interface->staffHeader($_SWIFT["language"]["replytomessage"], 3);

	// Breadcrumb (Messages > Reply); the message id is forced to an integer before it enters the URL.
	$interface->staffNavBar('<a href="index.php?_m=livesupport&_a=messages" title="'.$_SWIFT["language"]["messages"].'">'.$_SWIFT["language"]["messages"].'</a> &raquo; <a href="index.php?_m=livesupport&_a=replytomessage&messageid='. intval($_REQUEST["messageid"]) .'" title="'.$_SWIFT["language"]["reply"].'">'.$_SWIFT["language"]["reply"]."</a>", "", 3);
	
	// $errormessage is set above when a required field was empty; $infomessage is not set in this branch.
	printInfoBox($infomessage);
	printErrorBox($errormessage);

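	// Reply form: read-only message details followed by the subject/reply inputs.
	printFormStart();
	printMainTableHeader($_SWIFT["language"]["messagereply"]);

	// Message fields are HTML-escaped before display.
	printDescRow($_SWIFT["language"]["messagedetails"]);
	printDefaultDescRow($_SWIFT["language"]["clientname"], "", htmlspecialchars($_message["fullname"]));
	printDefaultDescRow($_SWIFT["language"]["clientemail"], "", htmlspecialchars($_message["email"]));
	// The creation time is read from the fetched message row. $record is never
	// assigned in this script, so the previous $record["dateline"] passed an
	// undefined value to edate().
	// NOTE(review): assumes "dateline" in the joined row is the message's creation time.
	printDefaultDescRow($_SWIFT["language"]["createdon"], "", edate($_SWIFT["settings"]["dt_datetimeformat"], $_message["dateline"]));
	printDefaultDescRow($_SWIFT["language"]["subject"], "", htmlspecialchars($_message["subject"]));
	printDefaultDescRow($_SWIFT["language"]["contents"], "", nl2br(htmlspecialchars($_message["contents"])));

	// Inputs are pre-filled with what was posted, or with the formatted
	// original subject on first display.
	// NOTE(review): these values are passed unescaped; confirm printTextRow()
	// and printTextareaRow() HTML-escape the value they render.
	printDescRow($_SWIFT["language"]["replydetails"]);
	printTextRow("subject", $_SWIFT["language"]["subject"], $_SWIFT["language"]["desc_subject"], "text", iif(empty($_POST["subject"]), sprintf($_SWIFT["language"]["subjectformat"], $_message["subject"]), $_POST["subject"]));
	printTextareaRow("reply", $_SWIFT["language"]["reply"], $_SWIFT["language"]["desc_reply"], $_POST["reply"], "60", "10");

	printSubmitRow($_SWIFT["language"]["sendreply"]);

	printMainTableFooter();

	// Hidden fields route the submit back to this action with step=1.
	// NOTE(review): no request token is added here; the reply submit relies on
	// the session alone as far as this file shows.
	addHiddenField("_m", "livesupport");
	addHiddenField("_a", "replytomessage");
	addHiddenField("step", "1");
	addHiddenField("messageid", $_message["messageid"]);
	printFormEnd();

	$template->assign("backurl", "index.php?_m=livesupport&_a=messages");
	$interface->staffFooter();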



/**
* ###############################################
* Message Details
* ###############################################
*/
} else if ($eventaction == "messagedetails") {
	// Filter the requested id through the staff permission check and continue
	// with the value it returns. checkStaffMessagePermission() is defined
	// outside this file; presumably it returns the ids this staff member may view.
	$messageidlist = checkStaffMessagePermission(array($_REQUEST["messageid"]));
	$_REQUEST["messageid"] = $messageidlist[0];

	// Load the message together with its messagedata rows; the id is escaped
	// and quoted in the query.
	$dbCore->query("SELECT * FROM `". TABLE_PREFIX ."messages` AS messages LEFT JOIN `". TABLE_PREFIX ."messagedata` AS messagedata ON (messages.messageid = messagedata.messageid) WHERE messages.messageid = '". $dbCore->escape($_REQUEST["messageid"]) ."';");
	while ($dbCore->nextRecord())
	{
		// The client row becomes the message; the contents of any other row
		// are kept as the reply text ($_reply stays unset if there is none).
		if ($dbCore->Record["contenttype"] == CONTENT_CLIENT)
		{
			$_message = $dbCore->Record;
		} else {
			$_reply = $dbCore->Record["contents"];
		}
	}
	// No client row found (unknown id, or the permission check returned nothing): stop here.
	if ($_message["messageid"] == "")
	{
		echo "Invalid Message";
		exit;
	}

	// Side-panel option: delete this message after a JavaScript confirmation.
	// NOTE(review): the id is concatenated into a JavaScript string as stored,
	// while the breadcrumb below uses intval(); confirm the column is numeric.
	// The target is the GET delete link of the message list.
	$template->assign("itemoptiontitle", $_SWIFT["language"]["messageoptions"]);
	$interface->assignItemOption($_SWIFT["language"]["deletemessage"], "", "icon_delete.gif", "", 'doConfirm(\''. $_SWIFT["language"]["actionconfirm"] .'\', \'index.php?_m=livesupport&_a=messages&do=delete&messageid='. $_message["messageid"] .'\')');

	// Page header for the details view
	$interface->staffHeader($_SWIFT["language"]["messagedetails"], 3);

	// Breadcrumb (Messages > Message Details); the message id is forced to an integer before it enters the URL.
	$interface->staffNavBar('<a href="index.php?_m=livesupport&_a=messages" title="'.$_SWIFT["language"]["messages"].'">'.$_SWIFT["language"]["messages"].'</a> &raquo; <a href="index.php?_m=livesupport&_a=messagedetails&messageid='. intval($_REQUEST["messageid"]) .'" title="'.$_SWIFT["language"]["messagedetails"].'">'.$_SWIFT["language"]["messagedetails"]."</a>", "", 3);

	// Neither variable is set anywhere in this branch.
	printInfoBox($infomessage);
	printErrorBox($errormessage);

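	// Read-only view of a message and the staff reply to it.
	printMainTableHeader($_SWIFT["language"]["messagedetails"]);

	// Message fields are HTML-escaped before display.
	printDescRow($_SWIFT["language"]["messagedetails"]);
	printDefaultDescRow($_SWIFT["language"]["clientname"], "", htmlspecialchars($_message["fullname"]));
	printDefaultDescRow($_SWIFT["language"]["clientemail"], "", htmlspecialchars($_message["email"]));
	// Both timestamps are read from the fetched message row. $record is never
	// assigned in this script, so the previous $record[...] reads passed an
	// undefined value to edate().
	// NOTE(review): assumes "dateline" in the joined row is the message's creation time.
	printDefaultDescRow($_SWIFT["language"]["createdon"], "", edate($_SWIFT["settings"]["dt_datetimeformat"], $_message["dateline"]));
	printDefaultDescRow($_SWIFT["language"]["subject"], "", htmlspecialchars($_message["subject"]));
	printDefaultDescRow($_SWIFT["language"]["contents"], "", nl2br(htmlspecialchars($_message["contents"])));
	printDescRow($_SWIFT["language"]["replydetails"]);
	// NOTE(review): the staff name from the cache is printed without
	// htmlspecialchars(), unlike the other fields; confirm the cache stores it escaped.
	printDefaultDescRow($_SWIFT["language"]["staffname"], "", $_SWIFT["staffcache"][$_message["staffid"]]["fullname"]);
	printDefaultDescRow($_SWIFT["language"]["repliedon"], "", edate($_SWIFT["settings"]["dt_datetimeformat"], $_message["replydateline"]));
	printDefaultDescRow($_SWIFT["language"]["reply"], "", nl2br(htmlspecialchars($_reply)));
	printMainTableFooter();

	$template->assign("backurl", "index.php?_m=livesupport&_a=repliedmessages");
	$interface->staffFooter();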

}
?>